|
Those guys use security wholes in one script (wordpress, horde...) and they run a perl script on the server that changes all the index.php files
If you are in a shared hosting you are always at risk. If you are in your own server the best is to restrict the system calls from php.
In both cases, the final solution is to keep daily backups on server and offline backups regularly. That is the final protection. In both a Windows and a Linux servers.
Besides that, I can say that Linux or Windows offer both the same level of security. Really good on both of them. The issues, 99% of the times that I have seen servers hacked, come from scripts or other software that is not the OS. And I've been managing servers for more than 10y now...
Q
|
